Your company has until August 2, 2026 to comply — here’s what that means and what’s at stake.
Imagine receiving a voicemail from your CFO authorizing a $4 million wire transfer. The voice sounds exactly right. The urgency makes sense. You approve the transfer — and later discover your CFO never made that call. It was a deepfake, generated by AI in minutes.
This isn’t a hypothetical. It’s a documented pattern of fraud that has cost businesses hundreds of millions of dollars globally. And it’s getting harder to catch, because AI-generated audio, video, images, and even text have become nearly indistinguishable from the real thing.
The European Union has responded with a legal mandate. Under Article 50 of the EU AI Act, any company using AI to generate media — audio, video, images, or text — must embed machine-readable markings into that content by August 2, 2026. This applies not just to European companies, but to any organization operating in EU markets. The deadline is five weeks away and many companies are not prepared.
What Is AI Watermarking — and Why Should You Care?
A digital watermark is an invisible signature embedded directly into a piece of media. Unlike a visible logo or disclaimer, this mark is imperceptible to human senses — you can’t hear it in audio, see it in an image, or read it in text — but machines can detect it instantly.
Think of it like a dye pack hidden inside a stack of cash. The money looks normal, but if it’s stolen and misused, the dye reveals the theft. An AI watermark works the same way: the content circulates normally, but if it’s ever questioned — in a courtroom, a boardroom, or a newsroom — a detector can confirm whether it was AI-generated, when, and by whom.
This matters for two reasons: compliance and protection.
On the compliance side, organizations that generate AI content without proper watermarking face regulatory risk in EU markets starting this August. On the protection side, watermarking gives companies proof of provenance — a chain of evidence that can confirm authenticity or expose fraud.
The Scale of the Problem
A 2025 academic study found that only 38% of AI content generators currently implement adequate watermarking. That means most AI-generated content circulating today is untraceable. There’s no way to confirm whether a video is real, whether a recorded statement was fabricated, or whether a document was authored by a human or a machine.
Consider the corporate implications:
- A deepfake audio clip of an executive announcing a false merger could tank a stock price before markets can react.
- A forged AI-generated contract could survive initial legal scrutiny because it looks, reads, and sounds authentic.
- A synthetic video of a company spokesperson making inflammatory statements could trigger a reputational crisis overnight.
Without watermarking, there is no reliable forensic trail. With it, investigators can trace content back to its source in seconds.
What the New Technology Does
Resemble AI recently released PerTh Multimodal, a watermarking system that covers all four content types — audio, video, images, and text — through a single platform. It’s designed to meet the specific technical requirements outlined in the EU AI Act’s enforcement guidance.
The system works by embedding a tamper-resistant signature at the moment of content creation, using techniques tailored to each medium:
- Audio is watermarked using psychoacoustic principles — the mark hides in the frequency ranges human hearing can’t detect, so it doesn’t affect sound quality.
- Images and video are marked at the pixel level, with changes too subtle for the eye to register.
- Text is watermarked through slight linguistic variations — different word choices that preserve meaning while carrying a traceable pattern.
Critically, the watermark is designed to survive the kinds of changes content typically undergoes in the real world: compression, re-encoding, format conversion, editing. This is what the EU’s guidance means when it calls for solutions that are “robust and reliable.”
What This Means for Security Leaders
For Chief Security Officers and their teams, AI watermarking is no longer a product feature — it’s infrastructure. The August 2 deadline should prompt an immediate audit of any AI-generated content your organization produces or procures.
Key questions to ask now:
- Do your AI vendors embed machine-readable watermarks in the content they generate for you?
- Can your organization produce a provenance record for AI-generated media if challenged in a legal or regulatory proceeding?
- Is your content verification process capable of detecting forged or synthetic media arriving from external sources?
The good news is that compliant tools exist and can be integrated via standard APIs — meaning technical deployment doesn’t require rebuilding existing systems from scratch.
The harder work is organizational: ensuring that watermarking is embedded in content workflows, that security and legal teams understand what compliance requires, and that your vendors are held to the same standard.
The Bottom Line
AI-generated media has made the question “is this real?” genuinely difficult to answer. Watermarking doesn’t solve every aspect of that problem, but it provides something essential: a verifiable record of origin that holds up under scrutiny.
The EU AI Act’s August 2 deadline isn’t the finish line — it’s the starting gun. The companies that treat watermarking as core security infrastructure now will be better positioned for tighter mandates ahead, and better protected against the fraud scenarios that are already happening.
The invisible shield needs to be in place. The clock is running.